Private Key PFX to/from JKS Conversion Using OpenSSL and Jetty

Recently I’ve been watching quite a few screencasts which seem to be a really fun way to learn something. This made me want to create something of my own. So for this blog post I’m putting up my first attempts at creating screencasts while trying to explain something useful.

When dealing with PKI based application security, one usually encounters different systems on different platforms and making sure they can interact with each other can be quite a hassle. Testing these systems usually means you create you own self-signed private/public key pairs. And of course there are times when for testing purposes you need to convert your private key to another format because you generated it on a different platform or received it from someone else who didn’t ask you about your preferred private key storage format. There are quite a few storage formats devised by the public-key cryptography standards group. Most of the time I have to deal with keys in Java’s JKS format and PFX format used on Microsoft platforms so from time to time I have a need of converting one format into another. See the screencasts bellow of how I’m converting them both ways.

Convert private key in PFX format to JKS keystore

Note: after this conversion the alias in the Java keystore for the converted key is ‘1’. Since I’m using such conversions only for test purposes I haven’t looked into changing the alias to something more meaningful. But if you know a quick way of doing this without reimporting the key, please, post your method in the comments ;)

Convert private key in JKS keystore to PFX format

Here’s the source of the Java file I used in the screencast for private key an certificate extraction from JKS keystore. Note that I’m assuming here the usage of JDK 6 because System.console().readPassword() is used to read the password without echoing.